Search squid archive

Re: multiple ssl sites reverse proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, 28 Nov 2011 14:51:17 -0500, Daniel Alfonso wrote:

Any suggestions as to what my config should have in addition to
below? Single squid server caching/offloading SSL for a single origin
webserver. Sites on origin server using name based hosting on the IP
X.X.X.100

Each site uses a unique IP for http(s)

#Config
https_port X.X.X.1:443 accel cert=/certs/ domain1.crt key=/certs/
domain1.key cafile=/certs/cacert.crt defaultsite=www.domain1.com
http_port X.X.X.1:80 accel defaultsite=www.domain1.com
https_port X.X.X.2:443 accel cert=/certs/ domain2.crt key=/certs/
domain2.key cafile=/certs/cacert.crt defaultsite=www.domain2.com
http_port X.X.X.2:80 accel defaultsite=www.domain2.com
https_port X.X.X.3:443 accel cert=/certs/ domain3.crt key=/certs/
domain3.key cafile=/certs/cacert.crt defaultsite=www.domain3.com
http_port X.X.X.3:80 accel defaultsite=www.domain3.com
cache_peer X.X.X.100 parent 80 0 no-query originserver name=origin
cache_peer_access origin allow all
http_access allow all

Thanks for any suggestions/insight.
Some restrictions on what domains are allowed to DoS, er get passed to, the backend server.
acl localDomains dstdomain www.domain1.com www.domain2.com www.domain3.com 
  cache_peer_access origin allow localDomains
  cache_peer_access origin deny all
  http_access allow localDomains
  http_access deny all
And a port for Squid management with the usual ACL controls over what can access there. 

Amos
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux